<?php

function send_load_admin_users()
{
   if(isset($_SESSION['logged_in']) && $_SESSION['permissions'] == 'Admin')
      return true;
}

function send_menu_admin_users()
{
   $content = "<a href=?q=admin_list_students>List Students</a><br>";
   $content .= "<a href=?q=admin_list_faculty>List Faculty</a><br>";
   $content .= "<a href=?q=admin_list_search>Search Student/Faculty</a><br>";
   return $content;
}

function send_content_admin_users()
{
   if(isset($_GET['q']))
   {
      if($_GET['q'] == "admin_list_students")
      {
         $content = "List of Students<br><br>";

         $query = "select * from login_details where permissions = 'Student'";
         $result = mysql_query($query);
         $num = mysql_num_rows($result);
         if($num == 0)
            return "No Student registered";

         $count = 1;
         while($row = mysql_fetch_row($result))
         {
            $content .= "$count. $row[1], $row[0] <a href=?q=admin_delete_student&uid=$row[0]>Delete</a><br><form name='reset_password' action='?q=admin_reset_student&uid=$row[0]' method='post' ><input type='text' name='password'><input type='submit' value='Reset Password'></form><br><br>";
            $count++;
         }
         
         return $content;
      }
      else if($_GET['q'] == "admin_list_faculty")
      {
         $content = "List of Faculty<br><br>";

         $query = "select * from login_details where permissions = 'Faculty'";
         $result = mysql_query($query);
         $num = mysql_num_rows($result);
         if($num == 0)
            return "No Faculty registered";

         $count = 1;
         while($row = mysql_fetch_row($result))
         {
            $content .= "$count. $row[1], $row[0] <a href=?q=admin_delete_faculty&uid=$row[0]>Delete</a><br><form name='reset_password' action='?q=admin_reset_faculty&uid=$row[0]' method='post' ><input type='text' name='password'><input type='submit' value='Reset Password'></form><br><br>";
            $count++; 
         }

         return $content;
      }
      else if($_GET['q'] == "admin_reset_faculty")
      {
         if(!isset($_GET['uid']) || !isset($_POST['password']) ||$_POST['password'] == '')
            return "No donut for you";
         $query = "update login_details set user_pass = '$_POST[password]' where uid = $_GET[uid] and permissions = 'Faculty'";
         mysql_query($query);
         return "Password updated successfuly";
      }
      else if($_GET['q'] == "admin_reset_student")
      {
         if(!isset($_GET['uid']) || !isset($_POST['password']) ||$_POST['password'] == '')
            return "No donut for you";
         $query = "update login_details set user_pass = '$_POST[password]' where uid = $_GET[uid] and permissions = 'Student'";
         mysql_query($query);
         return "Password updated successfuly";
      }
      else if($_GET['q'] == "admin_delete_faculty" && isset($_GET['uid']))
      {
         $query = "delete from login_details where uid = $_GET[uid] and permissions = 'Faculty'";
         mysql_query($query);
         return "Select Faculty removed successfuly";
      }
      else if($_GET['q'] == "admin_delete_student" && isset($_GET['uid']))
      {
         $query = "delete from login_details where uid = $_GET[uid] and permissions = 'Student'";
         mysql_query($query);
         $query = "delete from students where uid = $_GET[uid]";
         mysql_query($query);
         return "Select Student removed successfuly";
      }
      else if($_GET['q'] == "admin_list_search")
      {
         $content = "<form name='admin_list_search' action='?q=admin_list_search_display' method='post'><table>";
         $content .= "<tr><td>Keyword:</td><td><input name='keyword' type='text'>";
         $content .= "<tr><td>Option:</td><td><select name='permissions'><option>Student</option><option>Faculty</option></select></td></tr>";
         $content .= "<td><input name='Search' type='submit'></td></table></form>";

         return $content;
      }
      else if($_GET['q'] == "admin_list_search_display")
      {
         if(!isset($_POST['keyword']) || $_POST['keyword'] == "")
            return "No keyword submitted";
         $permission = $_POST['permissions'];
         $permission_l = strtolower($permission);
         $keyword = $_POST['keyword'];

         $content = "List of $permission<br><br>";

         $query = "select * from login_details where permissions = '$permission' && (f_name like '%$keyword%' or uid like '%$keyword' or l_name like '%$keyword%')";
         $result = mysql_query($query);
         $num = mysql_num_rows($result);
         if($num == 0)
            return "No $permission found";

         $count = 1;
         while($row = mysql_fetch_row($result))
         {
            $content .= "$count. $row[2], $row[0] <a href=?q=admin_delete_$permission_l&uid=$row[0]>Delete</a><br><form name='reset_password' action='?q=admin_reset_$permission_l&uid=$row[0]' method='post' ><input type='text' name='password'><input type='submit' value='Reset Password'></form><br><br>";
            $count++;
         }

         return $content;
      }
   }
}

function send_content_other_admin_users()
{

}

?>
